Skip to content
onteon logo

SSL - basic configuration

For basic configuration single command from CLI can be used:

$ onteoncli ssl init-configuration
initialized: true

This will enable SSL configuration with default settings:

  • One-Way SSL configuration for API, Edge Balancer, Inner Balancer, Internal
  • Size for all private keys set to 4096
  • Validity time for root CAs set to 730 days
  • Rotation time for root CAs set to 365 days
  • Validity time for intermediate CAs set to 180 days
  • Rotation time for intermediate CAs set to 90 days
  • Validity time for server and client CAs set to 60 days
  • Rotation time for server and client CAs set to 30 days
  • All certificates will used default names for CN record in certificates and nothing more will be set (important in case of hostname verification)
  • Communication to applications running on different node will be done with proxy (Inner Balancer)
  • Communication to applications running on same node will be done directly with or without SSL (depends on what protocol application exposes)

Command can be configured as described here

Your data will be processed by Onteon Tech Sp. z o.o. based in Krakow, Poland. We process your data for the following purposes: To answer questions emailed to us (only until the question is answered or you tell us to end processing your data) and secure potential claims (until they are time-barred under the law). Providing data processing consent is voluntary but, without it, we cannot give you an answer to the question you asked in your email. The data may be disclosed to entities that provide us with services (e.g., our hosting provider or our IT support company). You have the right to request access to your personal data, corrections, deletion, or the restriction of processing, as well as the right to object to processing and to lodge a complaint with a supervising authority.